Before software was used in sarety critical systems, they were often controlled by conventional (nonprogrammable) mechanical and electronic devices. System safety techniques are designed to cope with random failures in these (nonprogrammable] systems. Human design errors are not considered since it is assumed that all faults caused by human errors can be avoided completely or removed prior to delivery and operation.
When software is used as part of the control, complexity can increase by an order of magnitude or more. Subtle design faults induced by human error—something that can be uncovered and eliminated in hardware-based conventional control—become much more difficult to uncover when software is used.
Software safety is a software quality activity that focuses on the identification and assessment of potential hazards that may affect software negatively and cause an entire system to fail. If hazards can be identified early in the software engineering process, design features can be specified that will either eliminate or control potential hazards.
A modeling and analysis process is conducted as part of software safety. Initially, hazards are identified and categorized by risk. For example, some of the hazards associated with a computer-based cruise control for an automobile might be
• causes uncontrolled acceleration that cannot be stopped
• does not respond to depression of brake pedal (by turning off)
• does not engage when switch is activated
• slowly loses or gains speed
Once these system-level hazards are identified, analysis techniques are used to assign severity and probability of occurrence. To be effective, software must be analyzed in the context of the entire system.
For example, a subtle user input error (people are system components) may be magnified by a software fault to produce control data that improperly positions a mechanical device. If a set of external environmental conditions are met (and only if they are met), the improper position of the mechanical device will cause a disastrous failure.
Anylysis techniques such as fault tree analyse , real-time logic , or petri net models can be used to predict the chain of events that can cause hazards and the probability that each of the events will occur to create the chain.
Once hazards are identified and analyzed, safety-related requirements can be specified for the software. That is, the specification can contain a list of undesirable events and the desired system responses to these events. The role of software in managing undesirable events is then indicated.
Although software reliability and software safety are closely related to one another it is important to understand the subtle difference between them. However, the occurrence of a failure does not necessarily result in a hazard or mishap. Software safety examines the ways in which failures result in conditions that can lead to a mishap. That is, failures are not considered in a vacuum, but are evaluated in the context of an entire computer-based system.
RELATED POSTVALIDATION TESTING
DEBUGGING AND TESTING
DEFECT AMPLIFICATION AND REMOVAL
ITERATIVE SPIRAL MODEL
STANDARD WATER MODEL
CONTROLLED TESTING ENVIRONMENT
RISK ANALYSIS PART ONE
RISK ANALYSIS PART TWO
BACK GROUND ISSUES
SOFTWARE REVIEWS PART ONE
SOFTWARE REVIEWS PART TWO
V MODEL IN TESTING